Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mitel vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2021-37586
The PowerPlay Web component of Mitel Interaction Recording Multitenancy systems prior to 6.7 could allow a user (with Administrator rights) to replay a previously recorded conversation of another tenant due to insufficient validation.
Mitel Interaction Recording
5.5
CVSSv3
CVE-2023-39288
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect up to and including 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sani...
Mitel Mivoice Connect
9.8
CVSSv3
CVE-2023-31458
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and previous versions could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not...
Mitel Mivoice Connect
9.8
CVSSv3
CVE-2022-29499
The Service Appliance component in Mitel MiVoice Connect up to and including 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.
Mitel Mivoice Connect
2 Articles
4.9
CVSSv3
CVE-2023-39290
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an ma...
Mitel Mivoice Connect
8
CVSSv3
CVE-2021-3176
The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows prior to 6.4.15 and 7.x prior to 7.1.2 could allow an malicious user to gain access to user information by sending certain code, due to improper input validation of http links. A successful exploit cou...
Mitel Businesscti Enterprise
5.5
CVSSv3
CVE-2023-39287
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect up to and including 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sani...
Mitel Mivoice Connect
4.9
CVSSv3
CVE-2023-39291
A vulnerability in the Connect Mobility Router component of MiVoice Connect up to and including 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow ...
Mitel Mivoice Connect
8.8
CVSSv3
CVE-2020-12456
A remote code execution vulnerability in Mitel MiVoice Connect Client prior to 214.100.1223.0 could allow an malicious user to execute arbitrary code in the chat notification window, due to improper rendering of chat messages. A successful exploit could allow an malicious user to...
Mitel Mivoice Connect
6.1
CVSSv3
CVE-2020-28351
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated malicious user to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING&am...
Mitel Shoretel Firmware 19.46.1802.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »